MDKSA-2002:066

Problem description

A directory traversal vulnerability was discovered in GNU tar version
1.13.25 and earlier that allows attackers to overwrite arbitrary files
during extraction of the archive by using a ".." (dot dot) in an
extracted filename.